1. Field of the Invention
Methods and systems consistent with the present invention relate to a digital rights management license and, more particularly, to binding a license of digital content using information about a path through which the license is transferred.
2. Description of the Related Art
The growth of the Internet and the development of multimedia technology have led to a widespread distribution and accessibility of digital content. However, if there is no viable way to protect the rights of such digital content, the development of multimedia technology would also lead to unauthorized distribution of the digital content.
In order to more effectively protect the rights of digital content, much research on digital rights management (“DRM”) is being carried out to be used in commercial services. Here, DRM denotes software or hardware technology that limits the use of digital content only to a rightful user. Thus far, most DRMs include techniques related to licenses and digital content. The license generally includes a set of rights that can be performed with respect to the digital content and content keys capable of decrypting the related content.
Ironically, the need for DRM arises from the versatile and easily manageable characteristics of digital data. It is well known that digital content, unlike analog data, can be readily copied without loss, and can be reused, processed and distributed to third parties, but a large amount of cost, effort and time are required to produce the digital content. Thus, copying and distribution of digital content without permission hinder the development of the digital content industry in that the potential profits are not being fully realized, which has deterred the business sentiment in the digital content industry.
Some efforts have been made to protect digital content. Conventionally, digital content protection has been focused on preventing access to digital content without permission. For example, only the users who have paid charges are permitted to access the digital content. However, when a user who has paid the charges accesses the digital content and distributes it to a third party, the digital content can be used by the third party without paying the charges, which leads to a number of problems in commercializing the digital content service.
A DRM has been proposed. With the implementation of DRM, users are allowed to freely access encrypted digital content, but a license is needed to decrypt and execute the encrypted digital content. As a result, the digital content can be more effectively protected by using the DRM.
FIG. 1 is a view schematically illustrating a related art DRM. As shown in FIG. 1, DRM mainly covers digital content protected by encryption or scrambling (hereinafter referred to as “encrypted content” in FIG. 1) and licenses for access to encrypted digital content.
In FIG. 1, there is a user 110 desiring to access digital content protected by DRM, a content issuer 120 providing the digital content, a license issuer 130 issuing licenses that include rights to access the digital content, and a certification authority 140 issuing certificates.
From the content issuer 120, the user 110 can obtain desired digital content that is encrypted content protected by DRM. The user 110 can obtain a license that can execute the encrypted content from the license issuer 130. The user 110 having the license can execute the encrypted content.
The certification authority 140 issues a certificate indicating that the content issuer 120 and the user 110 are rightful users. The certificate can be stored in each device when the device is manufactured. However, the certificates issued from the certification authority 140 may be revoked before they expire. As described above, DRM can protect the profits of digital content producers or issuers to render help in promoting the digital content industry.
Generally, in order to prevent a license (or digital content) from being used by an illegal device or user, it is bound to the device or user. “Binding” refers to a concept that limits the playback (or access) of digital content to a specified device or user through an encryption technique so that no device or user, except for the specified device or user, can play (or access) the content. As shown in FIG. 2, most related art DRM schemes bind a license (or digital content) to a content user, a player playing the content, a set of users using the content, a set of players, and others, using binding keys.
FIG. 2 illustrates digital content and a content issuer 210 issuing licenses for the digital content. The subject providing digital content and the subject providing licenses may differ. However, for convenience in explanation, it is considered that the same subject provides both digital content and licenses.
Referring to FIG. 2, the content issuer 210 may provide a DRM license by encrypting a content encryption key (CEK) using a binding key Ku for a set of users 220 using the content S201, encrypting the CEK using binding keys Ku_1, Ku_2, Ku_3 and Ku_4 for respective content users 222, 224, 226 and 228 using the content S202, encrypting the CEK using a binding key Kd for a set of players 230 using the content S203, or encrypting the CEK using binding keys Kd_1, Kd_2, Kd_3, Kd_4, Kd_5 and Kd_6 for respective players 231, 232, 233, 234, 235 and 236 using the content S204. As shown in FIG. 2, CEK indicates a key for encrypting the digital content.
In the above-described binding structure, the content issuer 210 cannot be sufficiently reflected, which will now be explained with reference to FIGS. 3A and 3B.
Referring to FIG. 3A, it is assumed that the first to fourth content users 222, 224, 226 and 228 possess the first player 231, third player 233, fourth player 234 and sixth player 236, respectively, and that the four content users 222, 224, 226 and 228 share the second player 232 and fifth player 235.
As shown in FIG. 3A, if the content issuer 210 intends to limit the use of content 215 through the shared second player 232 and fifth player 235 to only the first content user 222 and second content user 224, such a requirement of the content issuer cannot be satisfied under the above-described binding structure.
Specifically, as shown in FIG. 3B, in the case in which the first content user 222 and the second content user 224 are in a single domain 330, and a DRM license is provided by encrypting the CEK using a binding key Ka for this domain S310, the first content user 222 and the second content user 224 can use the content 215 through the first player 231 and the third player 233 since the first content user 222 and the second content user 224 possess the first player 231 and the third player 233, respectively. This is contradictory to the requirement of the content issuer 210.
Also, in the case in which the second player 232 and the fifth player 235 are in a single domain 340, and a DRM license is provided by encrypting the CEK using a binding key Kb for this domain S320, the third content user 226 and the fourth content user 228 can use the content 215 through the second player 232 and the fifth player 235 since the third content user 226 and the fourth content user 228 share the second player 232 and the fifth player 235, respectively. In the same manner, this result is contradictory to the requirement of the content issuer 210.
As described above, related art binding methods follow a device binding method or a user binding method that considers only the subject using the license (e.g., a content user or a set of users using the content) or the object (e.g., a player playing the content or a set of players), and thus the use range of the digital content is limited.
In addition, according to related art techniques, the DRM system issuing DRM licenses on the content issuer side and the DRM system decrypting and playing encrypted content on the player side must be the same DRM system.